Let’s Encrypt is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG). To enable HTTPS on your website, you need to get a certificate (a type of file) from a Certificate Authority (CA). Let’s Encrypt is a CA. In order to get a certificate for your website’s domain from Let’s Encrypt, you have to demonstrate control over the domain. With Let’s Encrypt, you do this using software that uses the ACME protocol, which typically runs on your web host. Here is how I installed and atomized its renewal

  1. Download and install the free Let’s Encrypt SSL certificate.
  2. Create a cron script by saving the following to an executable script.
    #!/bin/bash
    #Script to auto renews the free SSL certificate
    cd /production/scripts/letsencrypt ; ./letsencrypt-auto renew 2>&1 | tee /tmp/letsencrypt.log
    STAT=$(echo $?)
    ERRORLOG=`cat /tmp/letsencrypt.log`
    if [ $STAT -ne 0 ]
    then
    echo -e "The Lets Encrypt Cert has not been renewed! \n \n" $ERRORLOG | mail -s "Lets Encrypt Cert Alert" <ADD_EMAIL_ID>
    else
    service apache2 restart
    echo -e "The Lets Encrypt Cert has now been renewed! \n \n" $ERRORLOG | mail -s "Lets Encrypt Cert Notice" <ADD_EMAIL_ID>
    fi
    exit 0